<?php

	/**
	* @author Robbie Vasquez
 	* @author Matt Kennedy
 	*
 	* @param username
	* @param password
 	*/
	
class Login extends Model
{
	//creating variables username and password
	var $username = '';
	var $password = '';	
		
	public function Login()
	{
		// Call the model constructor
		parent::Model();
		
		$this->load->database();
	}
	
	public function process()
	{		
		//checking to see if information is there
		if(isset($_POST) && $_POST != NULL)
		{
			//creating an array for errors
			$errors = array();
			
			//checking if user entered a username
			if(trim($_POST['username']) == '' || $_POST['username'] == 'Username')
			{
				$errors[] = "You must enter a username.";
				unset($_POST['username']);
				
				$log = FALSE;
			}
			
			//checking if user entered a password
			if(trim($_POST['password']) == '' || $_POST['password'] == 'Password')
			{
				$errors[] = "You must enter a password.";
				unset($_POST['password']);
				
				$log = FALSE;
			}
			
			//checking to see if there are any errors
			if(count($errors) < 1)
			{
				//array to hold username and password
				$data = array('username' => $_POST['username'], 'password' => $_POST['password']);

				mysql_connect('2006.ispace.ci.fsu.edu', 'rmv06d', 'zqgvht2m');
				mysql_select_db('runningrecords');
				
				$sql = "SELECT * FROM users WHERE username='" . $data['username'] . "' AND password='" . $data['password'] . "'";
				$result = mysql_query($sql);
				$pull = mysql_fetch_array($result);
				
				//checking if a result was retrieved
				if($pull !== FALSE)
				{
					session_start();
					$_SESSION['auth'] = 'yes';
					$_SESSION['username'] = $data['username'];
					
					$log = TRUE;
					
					//forwarding the user to a different page
					header("Location:  /runningrecords/index.php/main/home");
					die();
				}
				else
					$log = "Wrong information give.";
			}
		}
		
		else
			$log = FALSE;
			
		return $log;
	}
}